How to make IPsec Remote Access VPN dial in when the user account doesn't exist/sync in XG?

Hi All,
Our client has a question about the behavior of SSLVPN, L2TP & IPsec VPN.
The client uses AD authentication for user accounts.

When the user account doesn't exist/sync in XG, the user can use L2TP VPN to dial in to XG directly.
After dialing in with L2TP, the user account will show in XG.

But the user can't dial in to XG with IPsec remote access VPN when the account doesn't show in XG.
The user needs to log in to XG with his AD account first (to make the account show in XG),
then the user can dial in to XG with IPsec VPN.
The behavior of IPsec VPN is similar to SSLVPN.
The user needs to log in to the user portal first to get their configuration to use SSLVPN.

Is there a way to let AD users dial in to XG with IPsec VPN directly, like L2TP?

Firmware version 18.0.5 MR5

Added TAGs
[edited by: emmosophos at 7:39 PM (GMT -7) on 15 Jul 2021]

Top Replies

  • Hi ,

    Thank you for reaching out to Sophos Community.

    You can use the provisioning file (.pro) and import it into the Sophos Connect client. This will provision IPsec and SSL VPN connections with…